Cyberthugs Using 'Marketing-like' Scams

As more obvious ways to rob users get blocked, sophisticated cybercriminals try a 'marketing' approach.

Although some headway was made at thwarting cyber attacks against users worldwide in the second half of 2010, cybercriminals have been increasingly targeting users with "marketing-like" scams, according to a new report.

Microsoft's Security Intelligence Report (SIR) volume 10 -- released on Thursday, warned that, as more obvious attack vectors are closed off to them, cybercriminals continue to become more sophisticated and are evolving their methods.

"On one side are a small number of sophisticated criminals whose motives vary from large payoffs to targeted attacks ... [while] on the other side, there are those who leverage more accessible attack methods, along with social engineering to take a small amount of money from a large number of people," Vinny Gullotto, general manager of the Microsoft Malware Protection Center, said in a post to the Microsoft on the Issues blog.

Advertisement

"Social engineering tactics include fooling people with rogue security software that pose as legitimate protection products, impersonating friends to steal passwords to online gaming accounts, conducting phishing using social networking as the lure, and tricking users to download adware," the post continued.

According to the report, in the second half of 2010 disclosures of vulnerabilities decreased some 16.5 percent from 2009. That's partly because newer products, like Windows 7, are typically less vulnerable to many types of attacks.

Still, rogue security software -- sometimes called "scareware" -- remains part of the problem. The scareware worms its way onto the user's machine and displays "marketing" messages warning that the user should ante up for its malware removal tool which, in fact, is the malware in question.

According to the report, 19 million occurrences of such attacks were detected and blocked in 2010 -- 13 million of them came from just five families of such malware.

Meanwhile, however, phishing attacks that use a "social networking" ploy to hook the user took off in the second half of 2010 -- jumping 1,200 percent, the blog post said.

Additionally, detection of adware while Web surfing also increased 70 percent from the previous report.

"This increase was almost completely caused by the detection of a pair of new Adware families, JS/Pornpop and Win32/ClickPotato, which are the two most prevalent malware in many countries," Gullotto's post added.